McAfee DLP Discover allows you to verify whether sensitive data may be at risk and identify its distributed location. From source code to trade secrets to strategic business plans, IP and other information assets are critical to your brand, public reputation, and competitive edge. Protecting data during transmission is critical, but securing sensitive data before it is inappropriately accessed or moved is a priority.
Determine what information to protect — You can configure McAfee DLP Discover to scan specific repositories and identify data for explicit protection.
Define policies for protection — DLP Discover provides intuitive and unified policy creation, reporting, and management to give you more control over your information protection strategy for data at rest.
Scan your network for violations — You can instruct McAfee DLP Discover to routinely scan network resources for policy violations. Flexible scheduling options are available to perform continuous, daily, weekly, or monthly scans.
Review and remediate violations — DLP Discover eliminates or minimizes proliferation of sensitive material through integrated incident workflow and case management. If DLP Discover finds content that violates protection policies, it generates incidents and sends notifications.
Capture and analyze stored data — DLP Discover indexes all content found at rest in the network and allows you to query and mine this information to quickly understand your sensitive data, how it is used, who owns it, where it is stored, and to where it has proliferated.
Cut the time and effort required to secure enterprise information. McAfee DLP Discover automatically scans all accessible resources to pinpoint sensitive data, uncover potential risks, and identify the content owner.
Filter and control sensitive information with multivector classification. Inventory and index all content, and then query and analyze that data to better understand and manage it.
Classify data that does not fall into standard file categories. DLP Discover uses a technology called “Concepts” to describe where you can find data within a file. Once defined, it is easy to use Concepts anywhere within the system to find, categorize, and search for specific data items.
Learn the origin of content violations, register and generate signatures, and send alert notifications to protect documents and the information within them more effectively. Integrated case management supports notification to content owners and system administrators using configurable messages.
Perform queries and transfer the results to a protection rule. Customize the pre-built compliance, corporate governance, and intellectual property policies, or create your own. Then, register sensitive information for fingerprinting to ensure safe handling and reduce false positives.
Customize summary and detail views of inventory logs and search results. You can create reports on demand or schedule for regular delivery. To get you started, the system comes with over 20 preconfigured, customizable reports.
Scan laptops, desktops, servers, file transfer locations, document repositories, portals, and databases with ease. DLP Discover’s advanced network crawling technology uncovers data you never knew existed. Determine what and where to search, and build the schedule to regularly retrieve network data that is appropriate for your workflow.
Ensure support for over 300 content types, including Microsoft Office documents, multimedia files, source code, design files, archives, encrypted files, built-in policies, and intellectual property.
Access support for the following databases: Oracle 8i and later; MySQL Enterprise 5.0 and 5.1; Microsoft SQL Server 7.0, up to 2008; and IBM DB2 5 thru 9.1.
Perform a granular investigation and historical inspection of information to detect risk of data exposure. Quickly identify sensitive information through an intuitive search interface, and determine who is sending data and where it is located.
Get support for the following repositories: Common Internet File System (CIFS), Server Message Block (SMB), Network File System (NFS), HTTP/HTTPS, FTP, Microsoft SharePoint, and EMC Documentum.
Register data from any supported repository or database. You can use signatures from registered data to detect sensitive material in policies enforced across the network.
Create robust rules to define what data is scanned, including keywords, regular expressions, database tables, rows and columns, and unique McAfee Concepts. Document registration to rules, including network path scanning, on a configurable schedule, and easily discriminate between non-sensitive and sensitive information. You can also restrict rule and policy enforcement to specific scan operations.
McAfee DLP Manager, McAfee DLP Monitor, McAfee DLP Discover, and McAfee DLP Prevent are now supported on the McAfee DLP 5500 appliance. The DLP 5500 appliance is an Intel-based platform with dual six core CPUs, 32 GB of RAM and over 10 TB of storage in a 2U form factor. DLP hardware appliance solutions are self-contained devices. There are no minimum software or hardware system requirements or additional database installations required.
The Network DLP 4400, Network DLP 1650, and Network DLP 3650 appliances have been discontinued. In accordance with McAfee’s End of Life policy, they are being supported until October 2016.
For a technical summary on the McAfee product listed above, please view the product data sheet.
Together, Boldon James Classifier and McAfee Network Data Loss Prevention reduce the risk of data loss by applying the insight of each knowledge worker to data loss prevention decisions. Classifier captures the user’s knowledge of the business value of data in the form of visual and metadata markings applied to messages and documents.
Selling stolen data is an easy way for cybercriminals to make some quick money on cyber black markets. The following flowchart shows a generic credential-stealing campaign in action. In the last step, the flow is bidirectional. The malware makes a two-way authentication-free connection between the victim and the attacker. This two way connection not only […]
The post When Hackers Get Hacked: the Malware Servers of a Data-Stealing Campaign appeared first on McAfee.
You’ve probably heard of people storing information in “the cloud,” but what does that really mean, and is it safe to put your data there? The cloud is best described as a network of servers offering different functions. Some servers allow you to store and access data, while others provide an online service. You may […]
Lately, McAfee Labs has observed a lot of active samples detected as Trojan Laziok by many security vendors. According to online reports, the Trojan Laziok is dropped via an exploit of the Microsoft Windows Common Controls ActiveX Control Remote Code Execution Vulnerability (CVE-2012-0158), which arrives via a spam email. In contrast, we have identified the […]
The post Kraken/Laziok HTTP Bot Controls Victims With Remote Admin Tool appeared first on McAfee.
In recent days, much has been said and written around the recently disclosed “Venom” vulnerability. It is important to fully understand the real-world severity of vulnerabilities such as Venom. Although the threat is potentially severe and certainly interesting (it is in a class of relatively rare guest escapes from virtual machines), one has to take into […]
Written by Deepak Choudhary There are always risks involved when relying on a third party to send and receive sensitive data over secure network channels. While we recognize the roles of the Public Key Infrastructure (PKI) and third party certificate authority (CA), we also believe that Certificate SSL Pinning can play a key role in […]